Otomi makes developers self-serving and helps DevOps teams to guarantee application security and availability at the earliest stages in the development lifecycle when using Kubernetes while strongly relying on GitOps patterns, where desired state is reflected as code and the cluster state is automatically updated.
Install Otomi with one command on any Kubernetes cluster to get a complete enterprise-grade platform experience with developer self-service.
🔔When installing Otomi using the quick start or installing with minimal values using Helm, you will not be able to pull images from the local Harbor registry unless you add the auto-generated CA to all cluster nodes. To be able to pull images from Harbor without adding the CA to all cluster nodes, install Otomi with
issuer=letsencrypt(or BYO CA). See otomi.io for more instructions.
Use the Terraform quick start for Azure, GCP, and AWS to provision a Kubernetes cluster in your cloud of choice and install Otomi with minimal values. Go to the quickstart repository to get started.
When the installer job has finished, copy the URL and the generated password from the bottom of the logs of the job (in the default namespace) and complete the post-installion steps.
Install with minimal values using Helm
Otomi with minimal values using Helm, first create a
values.yaml file with the following values:
cluster: k8sVersion: '1.20' # 1.18, 1.19, 1.20 and 1.21 are supported name: # the name of your cluster owner: # the owner of the cluster provider: # choose between aws, azure, google or onprem
add the repository:
helm repo add otomi https://otomi.io/otomi-core helm repo update
and then install the Helm chart:
helm install -f values.yaml otomi otomi/otomi
When the installer job has finished, copy the URL and the generated password from the bottom of the logs of the job (in the default namespace). and complete the post-installation steps.
Otomi, you can use Otomi Console to access all integrated applications and use the self-service features to create new Knative services, publicly expose pre-deployed services, create secrets and create Kubernetes Jobs / Cron Jobs.
Otomi can be installed with the following advanced configuration options:
- Use an external DNS zone with LetsEncrypt certificates
- Configure Azure Active Directory as an IdP
- Use KMS to manage keys for encryption
Go to otomi.io for more detailed instructions.
- Developer self-service
- Over 20 pre-configured and ready-to-use applications and add-ons
- Application configuration management
- Implemented security policies
- Single Sign-On
- Automatic ingress configuration
- Input/output validation
- Automatic image vulnerability scanning
- Secrets management
- Full observability
- Kubernetes best-practices
Learn more about
Otomi at otomi.io.
Otomi ships with the following pre-configured and ready to use applications:
- Istio: The service mesh framework with end-to-end transit encryption
- Knative: Deploy and manage serverless workloads
- Prometheus: Collecting container application metrics
- Loki: Collecting container application logs
- Harbor: Container image registry with role-based access control, image scanning, and image signing
- HashiCorp Vault: Manage Secrets and Protect Sensitive Data
- Kubeapps: Launching and managing applications on Kubernetes
- Keycloak: Identity and access management for modern applications and services
- OPA: Policy-based control for cloud-native environments
- Let's Encrypt: A nonprofit Certificate Authority providing industry-recognized TLS certificates
- Jaeger: End-to-end distributed tracing and monitor for complex distributed systems
- Kiali: Observe Istio service mesh relations and connections
Otomi consists out of multiple projects:
- Otomi Core (this project): The heart of Otomi
- Otomi Tasks: Autonomous jobs orchestrated by Otomi Core
- Otomi API: The brain of Otomi, handling console input and talking to Otomi Core
- Otomi Console: The UI of Otomi for admins and teams, talking to Otomi API
- Otomi Clients: Factory to build and publish openapi clients used in the redkubes/otomi-tasks repo
If you want to say thank you or/and support the active development of
- Add a GitHub Star to the project
- Write interesting articles about the project on Dev.to, Medium or on your personal blog
Otomi is free and open-source software licensed under the Apache 2.0 License.